feat: implement password requirements on web (M2-10507)#719
Open
sricharan-varanasi wants to merge 35 commits intodevfrom
Open
feat: implement password requirements on web (M2-10507)#719sricharan-varanasi wants to merge 35 commits intodevfrom
sricharan-varanasi wants to merge 35 commits intodevfrom
Conversation
sricharan-varanasi
changed the title
|
This pull request is automatically being deployed by Amplify Hosting (learn more). |
sricharan-varanasi
force-pushed
the
feature/password-requirements-web
branch
from
c2df86e to
3e96322
Compare
adeiji
reviewed
Apr 10, 2026
adeiji
reviewed
Apr 10, 2026
adeiji
reviewed
Apr 10, 2026
adeiji
reviewed
Apr 10, 2026
adeiji
left a comment
adeiji
left a comment
There was a problem hiding this comment.
Everything looks great. Nice work! I just noted one potential issue with translations and maybe needing to use useTranslation().
divbzero
approved these changes
Apr 10, 2026
Contributor
divbzero
left a comment
divbzero
left a comment
There was a problem hiding this comment.
@sricharan-varanasi Looks good! Please take a look at the comments marked [Important] before merging. The other comments are minor so feel free to use your judgment on whether to make those changes.
divbzero
added a commit
to ChildMindInstitute/mindlogger-backend-refactor
that referenced
this pull request
Apr 12, 2026
Validate caseless characters in passwords as both uppercase and lowercase. This matches the behavior on the frontend: - ChildMindInstitute/mindlogger-admin#2207 - ChildMindInstitute/mindlogger-app-refactor#1089 - ChildMindInstitute/mindlogger-web-refactor#719
1 task
divbzero
added a commit
to ChildMindInstitute/mindlogger-backend-refactor
that referenced
this pull request
Apr 13, 2026
…2038) 🔗 [Jira Ticket M2-10505](https://mindlogger.atlassian.net/browse/M2-10505) Changes include: - Validate caseless characters in passwords as both uppercase and lowercase. This is a follow-up to pull request #2036. After thinking through @jodybrookover’s comments, seems to make sense to allow caseless characters in passwords to validate as both uppercase and lowercase letters. There tend to be more caseless characters than uppercase or lowercase letters, and this matches the behavior already implemented on the frontend with: - ChildMindInstitute/mindlogger-admin#2207 - ChildMindInstitute/mindlogger-app-refactor#1089 - ChildMindInstitute/mindlogger-web-refactor#719
aweiland
approved these changes
Apr 14, 2026
…ng password checklist errors
divbzero
approved these changes
Apr 20, 2026
| "passwordBlankSpaces": "A senha não deve conter espaços.", | ||
| "passwordCharacterTypes": "A senha deve conter pelo menos {{types}} de: maiúsculas, minúsculas, números, símbolos.", | ||
| "passwordMustInclude": "A senha deve incluir:", | ||
| "passwordMustInclude": "A palavra-chave deve conter no mínimo 10 caracteres, sem espaços, e pelo menos 3 dos 4 itens abaixo:", |
Contributor
There was a problem hiding this comment.
[Important] Add passwordMustIncludeMinimum?
Contributor
There was a problem hiding this comment.
(Minor) Parametrize the numbers in these translations?
| const passwordValue = useWatch({ control: form.control, name: 'password' }); | ||
|
|
||
| useEffect(() => { | ||
| clearErrors('password'); |
Contributor
There was a problem hiding this comment.
Did we intentionally remove clearErrors here? I think we still clearErrors on the other forms.
…w error message on submit when password field is empty
…entsSection so that we dont have inconsistent behaviour within the app fixed bug: M2-106
…s in password policy check
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
4 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
📝 Description
🔗 Jira Ticket M2-10507
Changes include:
checkPassword) with NFC normalization - emoji counts as 1 char, caseless scripts (CJK, Arabic, Hebrew, etc.) count as both upper and lowercasePasswordRequirementsTooltipcomponent - real-time ✓/✗ checklist shown next to password fields on Signup, Recovery, and Change Password formsi18n.t()with interpolation params (matching admin pattern) - error messages now show correct min length per context (10 for new passwords, 6 for legacy/login)checkPassword🪤 Peer Testing
Sign up: Enter passwords and verify the tooltip appears next to the password field showing requirements updating in real-time. Try passwords shorter than 10 chars, with spaces, with fewer than 3 character types - each should show as ✗. A valid password (e.g.
MyPassword1!) should show all ✓.Login: Enter a password shorter than 6 characters - should show min length error with "6" in the message.
Change Password / Recovery Password: Same tooltip behavior as signup. Old password field accepts min 6 chars (legacy). New password enforces the full 10-char + complexity rules.
Language switching: Switch to fr/es/pt/el and verify error messages and tooltip text are translated with correct interpolated numbers.
✏️ Notes
Mirrors the admin PR implementation. Schemas are now factory functions (not module-level constants) so they can call
i18n.t()with{ chars }and{ types }params at creation time.